In the end of 2014 it became known that the SSL protocol (specifically SSL v3) was broken and decryption of the encrypted data was possible. This is an industry-wide vulnerability affecting the SSL 3.0 protocol itself and is not specific to the Windows operating system.

All supported versions of Microsoft Windows implement this protocol and are affected by this vulnerability!

Microsoft is announcing that SSL 3.0 will be disabled in the default configuration of Internet Explorer and across Microsoft online services over the coming months. Microsoft recommends customers migrate clients and services to more secure security protocols, such as TLS 1.0, TLS 1.1 or TLS 1.2.